Everyone wants there to be simple answers in security, but sometimes there are no simple answers.
-
-
I agree that you still have to do technical diligence in order to select a control, but U2F is pretty straightforward now? Either way, just implementing SOME 2FA meaningfully reduces a lot of risks.
-
I think we're on the same page about U2F, but if by "SOME 2FA" you mean "ANY 2FA", then I don't think we agree. Would you argue that SMS-2FA is better than nothing? If so, that's where we differ. I think it's at best, equal to nothing.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.